# Target of Evaluation ![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/Target-of-Evaluation.png?rev=1.2) # Security requirements and objectives ## Security requirements | | Security Requirement | Security Objective | |-----------------|------------------------------------------------------------------------|---------------------------------| | Confidentiality | Personal data of users must be protected from external entities | Data encryption, access control | | Confidentiality | Only registered users should be able to upload and download CAFF files | Data encryption, access control | | Confidentiality | Only registered users should be able to write comments for CAFF files | Data encryption, access control | | Integrity | Regular users should not be able to modify or delete data. | Access control | | Availability | The webshop should be usable with all modern browsers | Browser support | | Authentication | Users should be able to register | User authentication mechanism | | Authorization | Only administrators should be able to modify or delete data. | Administrator privileges | | Authorization | Only administrators can view the purchases of other users | Administrator privileges | | Auditing | Sign in attempts must be recorded | Logging facilities | # Threat assessment ## Assets Physical: * ‒ Human: * Users Logical: * CAFF files * Personal data of users * Login credentials ![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/Full-system.png?rev=1.1) ## Use Cases ![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/UseCase-diagram.png?rev=1.1) ## Weaknesses - Potential points of attack * Request from Frontend to Backend * Response from Backend to Frontend * Data flow between Backend and User Database * Data flow between Backend and Image Database ## Possible attack interfaces * Compromised credentials * Weak and stolen passwords * Malicious insiders * Missing or poor encryption * Misconfiguration * Distributed Denial of Service * Phishing ## Attack methods - Threat agents * **Script kiddie** ‒ Since we are not dealing with sensitive information and the webshop is not an essential service, the most likely attacker is a script kiddie. They could do a phishing attack and intrude the system. They could also exploit weak passwords. * **Disgruntled employee** ‒ An employee might have credentials and a deeper understanding of the system to do some damage or steal data. * **Cyber crime organization** ‒ It is not likely but possible that a cyber crime organization tries to steal passwords hoping that some users use the same password on other websites. # Risk assessment | Item Number | Observation | Likelihood | Impact | Risk Rating | |-------------|------------------------------------------|------------|--------|-------------| | 1 | User passwords can be guessed or cracked | High | Medium | High | | 2 | DDOS attack | Low | High | Medium | | 3 | Accidental file deletion/modification | Medium | High | High | # Identify countermeasures 1. Enforce minimum passwrd length 2. Monitor the firewall 3. Monitor permissions, previleged users and backups